IT Manager - Cyber Defense

About the position

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world. As the Cyber Defense Manager, you will serve as a key member of the Global Cyber Information Security strategic leadership team and will act as a consensus builder, problem solver, and team leader for the overall security organization. You'll play a critical role that requires an individual with a strong technical background as well as innate understanding of balancing security requirements with business objectives. You will act as an empowered team member with the CISO during planning and design initiatives to ensure security measures are incorporated into the global strategy and priorities are clearly understood/defined. This individual will lead a global team responsible for continuously monitoring Element's network and responding to cyber security threats, anomalies, and attacks in partnership with our 24x7 managed SOC.

Responsibilities

• Provide thought leadership to a global team of analysts, engineers, threat hunters, and incident responders.
• Develop strategic roadmaps to support detection, defense, and resiliency processes.
• Ensure timely response and proper acumen to any cyber event.
• Effectively work with and influence a global team from both technology and the business as a key leader of the Global Cyber Information Security Office.
• Lead the design of systems and processes for a global cybersecurity operation to have full visibility across the globe on cyber threats and alerting.
• Drive the incident response plan for the organization enrolling leadership to follow a well-rehearsed plan when a cyber event occurs.
• Manage detection and response capabilities including software, third party security operations center, and threat hunting.
• Develop and enhance an information security and cyber defense management framework.
• Identify and prepare response strategy for emerging technology such as deep fakes and AI.
• Coordinate and manage external relationships as it relates to security assessment services as well as incident response requirements.
• Create a roadmap for cyber security operations and identify business threats within the current business environment.
• Interact with a wide group of disciplines across the company such as risk and compliance team, corporate communications, legal, government affairs, etc.
• Build an ongoing enhancement roadmap and future direction of team and technology closely mapped to Medtronic's strategy.
• Create and communicate regular threat briefings, intelligence communications for all areas of the Enterprise.
• Ensure monitoring for attacks, intrusions and unusual, unauthorized or illegal activity.
• Engage in 'ethical hacking', for example, simulating security breaches.
• Identify potential weaknesses and implement measures, such as firewalls and encryption.
• Monitor and respond to 'phishing' emails and 'pharming' activity.
• Partner with key leadership, process, and project team members to define security capability needs.
• Maintain strong vendor relationships that support business and security objectives.
• Accountable for maintaining responsible budgetary in area of responsibility.
• Evaluate team performance and manage equitable promotional opportunities for cloud security team.
• Contribute to and cultivate a culture which promotes the development of business capabilities, process excellence, and shared best practice execution.
• Foster a positive, engaging and challenging team-focused 'global' work environment.

Requirements

• Bachelor's degree.
• 5+ years of experience with a bachelor's degree or 3+ years of experience with an advanced degree.

Nice-to-haves

• 5+ Security incident response management experience.
• Proven speedy decision-making skills.
• Strong communication skills, including with employees, clients, senior management and vendors.
• Strong results orientation (driving to deadlines, financial targets, project goals, etc.).
• Expert understanding of NIST CSF and response procedures in a global organization.
• 8+ years of information security assessment, architecture, engineering, and operations.
• 5+ years of experience aligned to a relevant architecture discipline.
• 7+ years of experience and strong knowledge of Enterprise-class architecture concepts.
• Specialized training on managing and communicating top secret/confidential information.
• Certifications in information security, OSCP, CISSP, Ethical Hacking.
• Advanced knowledge and training on the dark/black web activity.
• High degree of 'learning agility' with the ability to readily consume and apply new information.
• Strong business acumen, decision making, and influence skills across all levels of an organization.
• Experience in business capability and process modeling.
• Excellent leadership and teamwork skills.
• Ability to work collaboratively and partner with employees, leaders, clients, and vendors.
• Demonstrated ability to work in a global, virtual organization.
• Excellent presentation skills, including the ability to translate technical information into business terms.
• Knowledge in user experience modeling, information design, and concept generation.
• Technology depth and credibility with technical staff.
• Work experience in the Medical Device Industry, or other regulated industry.
• Ability to mentor and develop business, architecture, and technical resources.

Benefits

• Health, Dental and vision insurance.
• Health Savings Account.
• Healthcare Flexible Spending Account.
• Life insurance.
• Long-term disability leave.
• Dependent daycare spending account.
• Tuition assistance/reimbursement.
• Simple Steps (global well-being program).
• Incentive plans.
• 401(k) plan plus employer contribution and match.
• Short-term disability.
• Paid time off.
• Paid holidays.
• Employee Stock Purchase Plan.
• Employee Assistance Program.
• Non-qualified Retirement Plan Supplement.
• Capital Accumulation Plan.